Posts tagged with “things that make me go hmm” and “internet”

There's good coverage of the technical details of this outage on the Renesys and CloudFlare blogs. The short version is that all Internet traffic into and out of Syria flows through a single, government-owned ISP, the Syrian Telecommunications Establishment (AS29386). This ISP withdrew their BGP routes from their providers, disabling access for all Syrian IP's (since every ISP in Syria relies on AS29386 for their international connectivity). This is effectively the same network structure that exists in Iran, and it makes it trivial to shut off an entire nation's Internet access: all traffic flows through a single point, and the government controls that point.

My TIER colleague Yahel Ben-David brought up the great point a couple months ago that it's kind of odd that method of choice for country-scale Internet blackouts seems to be withdrawing BGP routes, as opposed to just unplugging cables or powering off routers. The Syrian government tried to blame a cable cut for this blackout, but it's pretty hard to say all your BGP routes just "accidentally" got withdrawn. Withdrawing a BGP route is literally broadcast publicly around the world, so it's not particularly subtle either. I don't have a good explanation of why this is done: maybe the engineers tasked with implementing the blackout are just familiar with BGP? Maybe they don't want to disrupt their consecutive days of uptime numbers? If you're a network engineer who's implemented a national Internet blackout and has the answer, get in touch.